Ransomware Is NOT GONE, It’s Just Getting Sneakier

2018 hasn’t seen too many headlines about ransomware attacks, but that doesn’t mean it’s gone for good.

Here are some tips on what to do in order to avoid such an attack, as well as one cautionary tale from an organization who was not fully prepared, thus losing critical data that will likely never be retrieved.

Plan to Remain Safe 

The first step in combating a possible ransomware assault is to create a comprehensive safety plan, then instruct everyone to diligently follow it. Following a plan consistently will go a long way in establishing good technology practices that will keep vital corporate data safe.

Create a training plan for employees in the safe practices in the use of technology and the importance of data security. In the training, instruct employees in the importance of not opening attachments from an unknown sender. Instead they should report the suspicious email to the company tech team. They should also disable macros in emails and all other documents since macros are a common mechanism used by hackers to deliver ransomware.

If employees work from home or if they use their laptop on-the-go, they need to know how to backup their work activities and then consistently perform a backup on daily basis.

A company’s tech team should also follow good safety rules including daily backing up all corporate data. Companies should decide how far back in time they would like to retain data and establish a test plan that routinely checks whether data is restored properly and efficiently.

A good tech team will also automate the installation of patches and updates on all corporate devices for all software including operating systems, applications, as well as security software.

Tech teams should also recommend regular replacement of all technology hardware. Using hardware older than 5 years increases the risk of security breaches as older system patches and updates become obsolete.

A Cautionary Tale

If an organization needs further convincing as to the necessity of following a good security plan, they need only learn what happened earlier in the year to the city of Atlanta and their law enforcement data. When the city was attacked, the hackers demanding $51,000 in bitcoin to unlock their data. The city refused and subsequently their law enforcement division lost years of dash-cam video data.  This loss compromised law enforcement’s ability to provide critical evidence when disputes occurred over interaction between police and the general public, as well as arrests.

Summary

Companies that keep their defenses up against these types of computer attacks can save themselves countless hours of headaches, not to mention the associated costs, when their diligence allows them to avoid such assaults.

If your business is not already following a good security plan, make it a goal for 2019 to implement one.